Re: [tor-relays] clarification on what Utah State University exit relays store ("360 gigs of log files")

3 Sep 2015

      On 9/2/15, Tim Sammut tim@teamsammut.com wrote:
...
...

Cisco IOS (and likely other platforms) will immediately export flows
if the cache fills to capacity. This will result in flows being
exported in less than inactive timeout,..

there is a second limit here, which is the netflow channel capacity /
storage limit, if you introduce simulated flows at a rate beyond this
capacity, you may become unobservable (via loss) resulting in failure
to correlate.
this is why i asked about logical injection via userspace of billions
of flows per minute as a resistance measure. (e.g. scapy or other raw
inject across a border with cooperating peer, if needed.)
best regards,

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Re: [tor-relays] clarification on what Utah State University exit relays store ("360 gigs of log files")